My firewall (Tiny Personal Firewall) have a activity window. This windows show all ports opened actually.I have two hubs (1 Ptokax and 1 YHub). YHub is Ok, because when a client disconnect the port is free and the firewall block this port again. But Ptokax didn't free the ports after client disconnects then firewall think that port is in use and don't block.Anybody have a solution for this issue?

all clients connect 2 port 411, those extra ports you see opend by ptokax are from something else (refresh my mind if you know which part this was).nomather which firewall you use they are always opened and never closed, as it's a ptokax issue and not a firewall.beside that it's outbound trafic so it doesn't cause any danger, beside wasting memory.there are 3 way's 2 solve it.1) step back 2 ptokax icecube.2) wait for the public beta of 0.3.3.0.3) just ignore it.

OK, running 15-25 myself, no problems! Started a fight with firewalls. Why? Not al firewalls blok IP's and/or Port 0. And exactly on Port 0 riaa and other's are spying on or attacking hubs.

drive4 as well 15-25 are doing what they should do. Listening to local port 411 and accepting inbound trafic from various remote ports on local port 411 (or the one specified at the hub address). I also found out that both PtokaX's listining, however, without any activity, to local port 413.

Does someone has any idea why PtokaX is listining to port 413??? I don't and blokked it.

robertone

Logged

We have nowadays more welt and luxury then any of our ancestors could imagen, but are we grateful for that???Can a species that even don\'t care for the planet that gave them birth... be grateful at all?

this sounds like it could be the open port for public hublists to ping the servers for info...otherwise this could be a reason hubhacks are operating, how knows what someone will add to there code so they can get in laters

Public hublist are served from the default (411) or specified local port to the remote port 2501. I don't get error messages because I locked port 413. PtokaX is only listening at that port!

Hublist.org probes on the default or specified local port.

robertone

« Last Edit: 03 May, 2004, 13:32:23 by robertone »

Logged

We have nowadays more welt and luxury then any of our ancestors could imagen, but are we grateful for that???Can a species that even don\'t care for the planet that gave them birth... be grateful at all?

Private Sub Winsock_close Winsock.Close Winsock.LocalPort = 3009End SubThe problem about closing this sockets is because the application is still running.I don't now how to force a winsocket.close....so , i'm stuck and wainting for 0.330.From my experience , the uptime record for TD4 was 400 hours and [15.25] was 800 hours.There are reallt excellent improvements with this socket issue in next versions.THANKS ptaczek and all programmers , testers and scripters.YOU ALL ROCK MY WORLD !

Ptokax is listining at local port 413, the only script presently used is robocop 6.0d.

In the router log I found a few rare occations that some packets were send to a remote port 413 from local port 8888 and 8450. This is not stating that PtokaX sended those packets. On the other hand, there are no hubs specified in the DC client favorite hub list that uses port 413.

To [PT]CableGuyIf I'm not wrong the DCPlusPlus client is listining by default at local port 1212-1213. However, this is changed when a port is specified in settings. More over, the client chooses, according the DC protocol, randomly a local port between 1024-65535 for communication. Not all clients follow this protocol. I noticed communication on lower ports -- the lowest detected by me was port 7. In settings of my present client I specified port 1214, but even so it's also listining at the local port 4673. I'm behind a router/firewall and a second firewall/filter. Therefor it's important to me to know which ports the progs are using.

Further more I noticed that all clients using both UDP and TCP. This despite the DC protocol, that's specifying UDP. Actually it's very curious to see that worldwide all clients change from UDP to TCP and back at allmost the same time. There has to be a trigger!

robertone

« Last Edit: 05 May, 2004, 00:07:47 by robertone »

Logged

We have nowadays more welt and luxury then any of our ancestors could imagen, but are we grateful for that???Can a species that even don\'t care for the planet that gave them birth... be grateful at all?

Very well said robertone.In fact there are many opened (not closed) ports by the applications and even the O.S.What you should care is "the one's" with established connections .

For example:Here you can see , established and listening "states"...wich means:"The only active and opened ports are the established one's"

All the "other states" are not really "active". ) As you can see from the image ,for this "states" ptokax listens on port 3380 , then connects to "random" ports and finally connects to eci:0 , wich is my pc name->eci.So not really any communication with any computer....just youself :]

@CableGuy: My problem is exact the same. My firewall reports many local ports opened by Ptokax and I think that a bad hacker can invade my system because any firewall accept connections in local open ports.

Your PtokaX version is listining to more ports then mine. For every logged-in user there is one TCP connection at the local port 411 (inbound). And PX is listining, for onknown reason, permanently to local port 413 (UDP). No more.

In your example I notice three open UDP listining ports; 413, 1981 & 3030. And 19 not closed ports (connected to itself), which I didn't noticed it at my hub :]

All connections vissible, besides port 413, in my connection window are living. I locked UDP port 413 in the router/firewall. PX doesn't notice it is locked and doesn't seem to care that no data is received at UDP port 413.

DC clients is an other story, they make a real mesh. A firewall programmar's nightmare, I would say! Just opening all possible ports, UDP & TCP, randomly. Only the inbound port can be controled.

robertone

Logged

We have nowadays more welt and luxury then any of our ancestors could imagen, but are we grateful for that???Can a species that even don\'t care for the planet that gave them birth... be grateful at all?

Originally posted by acrespo ...I think that a bad hacker can invade my system because any firewall accept connections in local open ports...

Well , actually the biggest hole in security , is called Microsoft. X( In fact if you use TCPView , you can see there are many "listening and time_wait" ports.For example svchost , system , inetinfo....does this and doesn't close the ports.

Let's get the example from Blaster or Sasser Virus...Blaster uses a vulnerability in the windows RPC , and Sasser uses the LSASS vulnerability.But if you use a firewall , these virus are not triggered and no connection to the internet is done.Though there are "listening ports" (used by the virus)...the remote port is allways the PC:0 because communications are blocked by the firewall.

Don't worry ppl , this is "normal" and doesn't affect you're PC if you use a firewall/router.

Originally posted by acrespo ...After one week I need to shutdown Ptokax...

Humm..I have also used TD4 and it stayed 11 days online...before "eating" all ports. NOW , with PtokaX 0.330 [15.25] , the hub stays online 30 days There are significant changes in this version , wich makes me very , very happy

Originally posted by acrespo ...Ptokax 0.330 is in development over 1 year...

I prefer to wait for a good applicationrather than nice applicationIn fact if it was an excelent application i would be the happyest man aliveWhat i'm saying is that i don't mind to wait since there is......undeniable evidences of excellent work beeing developed by every "teams". ) I mean many ppl are involved in "this"...betaTesters , scripters , programmers and users Let it be the perfect tool for "us" to use with no "worries". :] Let it be "the gift" that ptaczek delivers to the world ! Let's.....wait

I notice a general approval that the leaked beta version PtokaX v0.330 build 15-25 :] is actually better then the public release v0.326 TestDrive 4!!!

Anyhow, like [PT]CableGuy is mentioning, a firewall/router protects against some Microsoft Windows vulnerabilities. But not all, svchost for example can send data and open a port in the firewall/router by that. I block and monitor found listining ports dedicated with my firewall/router. Actually it's my humble opinion that everyone who's connected to internet more then two hours a day, should protect himself (my apologizes to all feminists, but the English language still addresses the public masculin) with a firewall/router, even when he own's only one pc.

But more, I really start to like the possibilities of OutPost firewall. You really can make dedicated rules in which occasion a prog is allowed to open a port or listining to it. I'm shure that there are more firewalls with the same possibilities, but I don't know them. Except the debian, but that's running on an other OS platform.

robertone

Logged

We have nowadays more welt and luxury then any of our ancestors could imagen, but are we grateful for that???Can a species that even don\'t care for the planet that gave them birth... be grateful at all?

current ptokax versions have only 1 port 2 connect 2 (the 2nd port can be used 2 search in active mode - 413).but there is good news, on the latest 0.3.3.0 beta there is the option 2 use @ least 2 ports for users 2 connect 2.

Only one question left, which beta build??

robertone

Logged

We have nowadays more welt and luxury then any of our ancestors could imagen, but are we grateful for that???Can a species that even don\'t care for the planet that gave them birth... be grateful at all?

Originally posted by robertone Found this on the other forum from the hand of plop

Quote

current ptokax versions have only 1 port 2 connect 2 (the 2nd port can be used 2 search in active mode - 413).but there is good news, on the latest 0.3.3.0 beta there is the option 2 use @ least 2 ports for users 2 connect 2.

Only one question left, which beta build??

robertone

it's in 1 of the latest versions which is not released 2 the beta team, prob 15.30+.pta spoke about it the boards but didn't mention the version number, just that he added it the day before.